[Vtigercrm-developers] Separating Create/Edit into 2 separate Role/Profile permissions

Sutharsan Jeganathan ajstharsan at gmail.com
Wed May 18 09:02:30 GMT 2016


Hi

Thanks for the review.  The points 1 to 3 that we were aware and mostly tpl
level changes required. We might have to fix after pushing it into code
(while others reviewing the code we shall get some time)

Point 4 : Not yet updated the portal

Yes, It is our own code, which is working at one of our client (Appx 50
user Call center) with a slight complex ACL.

We referred you code and got some Idea. Thank you.  Anyway we have
customized the is_permitted() function rather than other core
modification.  I believe this will enable some level of backward
compatibility (including exetnsions)

Once pushed to code.vtiger.com I will udpate here


Thanks
Sutharsan Jeganathan

On Wed, May 18, 2016 at 1:24 PM, Błażej Pabiszczak <
b.pabiszczak at yetiforce.com> wrote:

> It's nice that someone took care of it in Vtiger. Is it your own code, or
> is the solution copied from us? I'd gladly take a look at the code to see
> how you dealt with it :] Here are a few comments:
>
> 1. In quick creation of records you show modules, even though you can't
> create records for them.
>
> 2. In other views, such as calendar, you show a button that shouldn't be
> available. The same applies to starting the creation at the graphical
> calendar level, where you can see the loader but nothing happens. You can
> also see the button in record summary.
>
> 3. The same error exists in related modules – eg. Account > Quote.
>
> 4. Are these permissions also considered in the Customer Portal?
>
> It would be good to take a look at our entire ACL, because we introduced a
> number of changes just like this one, and all of them would be useful in
> Vtiger.
> ---
> Z poważaniem / Regards
>
> *Błażej Pabiszczak*
> *Chief Executive Officer*
> M: +48.884999123
> E: b.pabiszczak at yetiforce.com
> ------------------------------
>
> YetiForce 3.0 LTS has arrived! Test <https://gitdeveloper.yetiforce.com/> the
> latest, most innovative open source system in the world, and join
> <https://github.com/YetiForceCompany/YetiForceCRM> our community.
>
>
>
> W dniu 2016-05-15 10:00, Sutharsan Jeganathan napisał(a):
>
> @Prasad
>
> Here is the demo on the update on this topic we have done. (We have a
> separation of Create / Edit at Role and Profile level )
>
> URL : http://vtu.radus28.com
> User/ pass :  admin / admin
> Test Role : Marketing Team lead ( mmteamlead / 123456 )
>
>
> I appreciate your (and others here) review regarding the ACL perspective.
>
>
> Thanks
> Sutharsan Jeganathan
>
> On Fri, Apr 1, 2016 at 10:22 AM, Sutharsan Jeganathan <
> ajstharsan at gmail.com> wrote:
>
>> Hi Prasad & Alan
>>
>> Good news. We have done the Create/Edit and successfully released to our
>> client this week. Waiting for a week to see the results.
>>  If the results would be fine, I shall show a demo. At the moment it has
>> been done only to Roles as Client doesn't need Profiles. But it won't be a
>> big issue to update Profiles.
>>
>>
>> Thanks
>> Sutharsan Jeganathan
>>
>> On Fri, Mar 18, 2016 at 10:51 AM, Sutharsan Jeganathan <
>> ajstharsan at gmail.com> wrote:
>>
>>> Hi
>>>
>>> Thanks. I am thinking to restrict Create/Modify access control to Report
>>> module, because of restricting roles generating reports
>>>
>>>
>>> Thanks
>>> Sutharsan Jeganathan
>>>
>>> On Thu, Mar 17, 2016 at 10:15 PM, Prasad <prasad at vtiger.com> wrote:
>>>
>>>> Reports is not an entity module - so its conventions are not covered
>>>> through standard action.
>>>> Also, Reports is more of filter than record itself - so ACL might not
>>>> add much value.
>>>>
>>>> Regards,
>>>> Prasad
>>>>
>>>> --
>>>> FB <http://www.facebook.com/vtiger> I Twit
>>>> <http://twitter.com/vtigercrm> I LIn
>>>> <https://www.linkedin.com/company/1270573?trk=tyah> I Blog
>>>> <https://blogs.vtiger.com> I Website <https://www.vtiger.com/>
>>>>
>>>> On Thu, Mar 17, 2016 at 5:08 PM, Sutharsan Jeganathan <
>>>> ajstharsan at gmail.com> wrote:
>>>>
>>>>> Hi Prasad
>>>>>
>>>>> We found the Reports actions are not under ACL (Roles).  Reports have
>>>>> only activate/inactive options but not Export and Create.  The Calendar
>>>>> view > Add button seems like not validated (loaded through js).
>>>>>
>>>>> Is there any chances of upgrading these in near future?
>>>>>
>>>>>
>>>>> Thanks
>>>>> Sutharsan Jeganathan
>>>>>
>>>>>
>>>>>
>>>>> On Mon, Mar 14, 2016 at 11:42 AM, Prasad <prasad at vtiger.com> wrote:
>>>>>
>>>>>> Sutharsan,
>>>>>>
>>>>>> ACL design docs is not available. We have feature documented:
>>>>>> https://wiki.vtiger.com/index.php/Sharing_Access
>>>>>>
>>>>>>
>>>>>> --
>>>>>> FB <http://www.facebook.com/vtiger> I Twit
>>>>>> <http://twitter.com/vtigercrm> I LIn
>>>>>> <https://www.linkedin.com/company/1270573?trk=tyah> I Blog
>>>>>> <https://blogs.vtiger.com> I Website <https://www.vtiger.com/>
>>>>>>
>>>>>> On Mon, Mar 14, 2016 at 11:30 AM, Sutharsan Jeganathan <
>>>>>> ajstharsan at gmail.com> wrote:
>>>>>>
>>>>>>> Hi Prasad
>>>>>>>
>>>>>>>
>>>>>>> Do you have any design notes or developer documents regarding ACL.
>>>>>>> If so could you please share?
>>>>>>>
>>>>>>>
>>>>>>> Thanks
>>>>>>> Sutharsan Jeganathan
>>>>>>>
>>>>>>> On Mon, Mar 14, 2016 at 10:11 AM, Prasad <prasad at vtiger.com> wrote:
>>>>>>>
>>>>>>>> Sutharsan,
>>>>>>>>
>>>>>>>>
>>>>>>>>> If we use before save event will it work to web services?
>>>>>>>>
>>>>>>>>
>>>>>>>> Yes it should.
>>>>>>>>
>>>>>>>> * Optimization might be required for bulk actions though.
>>>>>>>> * Workflow might break unexpectedly with this feature that needs
>>>>>>>> attention.
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> FB <http://www.facebook.com/vtiger> I Twit
>>>>>>>> <http://twitter.com/vtigercrm> I LIn
>>>>>>>> <https://www.linkedin.com/company/1270573?trk=tyah> I Blog
>>>>>>>> <https://blogs.vtiger.com> I Website <https://www.vtiger.com/>
>>>>>>>>
>>>>>>>> On Mon, Mar 14, 2016 at 9:09 AM, Sutharsan Jeganathan <
>>>>>>>> ajstharsan at gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Hi
>>>>>>>>>
>>>>>>>>> Not sure how much effort is needed, but what we are trying the
>>>>>>>>> combination of  tpl. handler and before save event.
>>>>>>>>>
>>>>>>>>> @Prasad : If we use before save event will it work to web services?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks
>>>>>>>>> Sutharsan Jeganathan
>>>>>>>>>
>>>>>>>>> On Mon, Mar 14, 2016 at 3:22 AM, Luca saba <lucasaba at gmail.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> Wouldn't be possible to add an event inside the acl? The handler
>>>>>>>>>> could manage a new set of permissions.
>>>>>>>>>>
>>>>>>>>>> In this way there would be less needed effort inside the core and
>>>>>>>>>> there would be a lot of new available features to the developers.
>>>>>>>>>> Il 13/mar/2016 17:31, "Prasad" <prasad at vtiger.com> ha scritto:
>>>>>>>>>>
>>>>>>>>>>> tpl alone is not sufficient as webservices need to be also taken
>>>>>>>>>>> care which is used with workflows...
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>> FB <http://www.facebook.com/vtiger> I Twit
>>>>>>>>>>> <http://twitter.com/vtigercrm> I LIn
>>>>>>>>>>> <https://www.linkedin.com/company/1270573?trk=tyah> I Blog
>>>>>>>>>>> <https://blogs.vtiger.com> I Website <https://www.vtiger.com/>
>>>>>>>>>>>
>>>>>>>>>>> On Sun, Mar 13, 2016 at 1:21 PM, Sutharsan Jeganathan <
>>>>>>>>>>> ajstharsan at gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi
>>>>>>>>>>>>
>>>>>>>>>>>> We are thinking about another layer of validation of acl
>>>>>>>>>>>> without modifying standard acl. But this requires tpl level and before save
>>>>>>>>>>>> validations.
>>>>>>>>>>>>
>>>>>>>>>>>> What do you think?
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks
>>>>>>>>>>>> Sutharsan jeganathan
>>>>>>>>>>>> On 11 Mar 2016 15:47, "Alan Lord" <alanslists at gmail.com> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> On 11/03/16 05:02, Sutharsan Jeganathan wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I am sure this can be done in tpl level and we have done
>>>>>>>>>>>>>> too.  I would
>>>>>>>>>>>>>> like to separate the privilges "Create" and "Edit" in profile
>>>>>>>>>>>>>> level,
>>>>>>>>>>>>>> because the admin have to customize those privileges heavily.
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> Would love to see this, have requested it before, but I think
>>>>>>>>>>>>> it will be a lot of work...
>>>>>>>>>>>>>
>>>>>>>>>>>>> Al
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _______________________________________________
>>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> http://www.vtiger.com/
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> http://www.vtiger.com/
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> http://www.vtiger.com/
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> http://www.vtiger.com/
>>>>>>
>>>>>> _______________________________________________
>>>>>> http://www.vtiger.com/
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> http://www.vtiger.com/
>>>>
>>>>
>>>> _______________________________________________
>>>> http://www.vtiger.com/
>>>
>>>
> _______________________________________________
> http://www.vtiger.com/
>
>
> _______________________________________________
> http://www.vtiger.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20160518/b2f40157/attachment-0001.html>


More information about the vtigercrm-developers mailing list